Channels

Services

Firefox extension illustrates password reuse

Green points designate passwords and blue points are web sites. The orange connections indicate similar passwords
Source: Mozilla
The Password Reuse Visualizer extension for the Firefox web browser provides a visual representation of password reuse across multiple web sites. The extension works by analysing the data stored in the browser's password store using the nsILoginManager interface to read a user's saved credentials.

Password Reuse Visualizer, which was developed by Mozilla employee Paul Sawaya, uses this to generate a map showing each password as a green point, with blue points representing web sites. If one of the green password points is connected to multiple web sites, this shows that the password is being recycled. For very similar passwords used on different sites, the extension visualises this using an orange line.

Recycling passwords is convenient, but represents a major security headache. It enables an attacker, by hacking one web site with which a user has registered, to then log into all of the other sites on which the same password has been used.